Senior Data Engineer - Cyber Threat Intelligence (Forward Deployed)


Job details
  • Rowden
  • Hereford
  • 2 weeks ago
Applications closed

Description

About Rowden 

We’re building the next UK-headquartered engineering powerhouse.  

There is a gulf between the needs of mission-focused organisations and the development and delivery of the critical technology they rely on. The consequences of this are felt acutely by underserved frontline operators, demanding a new breed of engineering enterprise to bridge this divide. 

Rowden exists to meet this need. We design and build systems, infrastructure, and applications to deliver mission advantage to those working to protect the security of the UK and its allies. Rowden is setting a new standard in government technology provision: hyper-efficient engineering, better customer relationships, and rapid assimilation of commercial technology. 

Our team of Forward Deployed Specialists 

Join Rowden’s Forward Deployed Team and work where the action is. 

You'll collaborate directly with customers on-site, tackling their most complex technology challenges. From diagnosing critical issues to deploying innovative solutions, you'll be at the forefront of solving real-world problems that matter. If you're hands-on, thrive in fast-paced environments, and want to see the impact of your work up close – this is the team for you.  

What’s in it for you: 
  • Impact and Purpose: Your work makes a difference — directly supporting defence, national security, and frontline operators.
  • Professional Growth: Experience faster learning, deeper technical challenges, and exposure to real-world constraints that sharpen your skills.
  • Team Expansion: Be part of a growing team that’s delivering results and scaling up. Help us shape what forward deployment looks like as we expand into new projects and new regions.

The role: Senior Data Engineer – Cyber Threat Intelligence

The Senior Data Engineer plays a vital role in enhancing the organisation's cybersecurity capabilities by building and maintaining data pipelines that ingest, process, and visualise cyber threat intelligence (CTI) data. The focus of the role involves the setup and maintenance of the OpenCTI Threat Intelligence Platform (TIP), managing data ingestion into Elastic for visualisation and analysis purposes, and integrating threat intelligence feeds with Security Information and Event Management (SIEM) systems.  

This position will enable seamless data flow from internal and external CTI feeds into OpenCTI, Elastic for threat intelligence visualisation, and SIEM systems to support threat detection, analysis, and incident response.  

Your initial deployment is anticipated to be on-site in the West Midlands for approximately two years, working within a hybrid team of contractors and military personnel for a government organisation. While this role offers hybrid working options, it requires a minimum of 4 days per week on-site. Candidates must be willing to obtain a UKNSV security clearance with SC being essential, and DV clearance desirable. You do not have to have worked on customer sites or in a consultancy role previously.


Key areas of responsibility

  • Lead the deployment, configuration, and customisation of the OpenCTI Threat Intelligence Platform, integrating external and internal CTI feeds. 
  • Build and optimise data pipelines to ingest CTI data into Elastic for real-time analysis and visualization. 
  • Collaborate with CTI and SOC teams to design visualisations and dashboards that support incident detection and strategic decision-making. 
  • Automate data ingestion and transformation processes across OpenCTI, Elastic, and SIEM systems. 
  • Continuously optimise data pipelines to ensure low-latency processing and minimal downtime. 
  • Monitor and troubleshoot data ingestion processes, ensuring accuracy, consistency, and timely delivery of threat intelligence. 
  • Maintain documentation of platform configurations, data ingestion pipelines, and integrations. 
  • Provide training and support for teams on the use of OpenCTI and Elastic. 
  • Ensure compliance with internal security policies and regulatory requirements, including GDPR. 


About you

Qualifications, Skills & Experience: 
  • Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field is desirable. 
  • 3-5 years of experience as a data engineer, with a focus on cybersecurity and threat intelligence data ingestion and platform management. 
  • Certifications such as Certified Threat Intelligence Analyst (CTIA), GIAC Certified Enterprise Defender (GCED), or Certified Information Systems Security Professional (CISSP) are desirable.  
  • Strong experience with OpenCTI or similar TIP platforms, including platform deployment, customisation, and management.  
  • Experience with the Elastic Stack (Elasticsearch, Kibana, Logstash) for data ingestion, analysis, and visualisation, particularly in the context of cybersecurity.  
  • Ability to manage complex data pipelines and integrate them with SIEM systems.  
  • Proficiency in Python, SQL, or similar languages for data processing and automation.  
  • Familiarity with common CTI data formats such as STIX/TAXII, JSON, and CSV.  
  • Experience working with cloud-based data services (e.g., AWS, Azure) and integrating cloud-based threat intelligence feeds.  
  • Experience with CI/CD pipelines, containerisation (e.g., Docker, Kubernetes), and infrastructure as code (e.g., Terraform, Ansible).  
  • Experience in real-time data handling, visualization, and threat intelligence analysis.

Key Attributes:
  • Mission-first mindset: You prioritise the mission and our customers’ needs, always focused on delivering the best possible outcomes for the users of our systems.
  • Analytical thinking: Strong problem-solving and analytical skills to design, manage, and optimise data pipelines, ensuring efficient data flow and visualisation.
  • Collaboration: Ability to work effectively in a collaborative environment, working with cybersecurity analysts, IT teams, and other stakeholders to achieve shared goals.
  • Attention to detail: Strong attention to detail in ensuring data accuracy, quality, and security.
  • Outcome-Driven: Strong focus on delivering actionable insights and seamless data flows that support operational objectives.


Working at Rowden

We are committed to building a flexible, inclusive, and enabling company. Our aim is to create a diverse team of talented people with unique skills, experience, and backgrounds, so please apply and come as you are!
 
Rowden is a Disability Confident Committed company, and we actively encourage people with disabilities and health conditions to apply for our roles. Please let us know your requirements early on so that we can make sure you have everything you need up front to help make the recruitment process and experience as easy as possible.
 
Finally, if you feel that you don’t meet all the criteria included above but have transferable skills and relevant experience, we’d still love to hear from you!

Our Mission:
 
To create the best possible technology for frontline operators. 
 
We’re upending the conventions of government technology provision and bringing a leaner, more transparent, and lower-friction approach that reduces waste and places outcome over process. We believe every possible measure should be taken to provide frontline operators in today’s dynamic and rapidly changing world with the technology they need to help keep themselves and others safe. 
 
Our Vision: 
 
We offer fast and flexible solutions to the technical challenges of public sector organisations. 
 
We are specialists in software-centric systems, with deep expertise in developing capabilities for constrained networking environments or with challenging cyber security requirements. But the Rowden difference is as much cultural as it is technical: ‘what we do’ and ‘how we do it’ are equally important. We are specifically organised to create and sustain pace, reduce waste and inefficiency, and drive better outcomes. You’ll see and feel that energy and intent all over our business.
 
What matters to us?  
  • Our focus is on the end user. We exist to deliver the best possible outcomes for the users of our systems. 
  • Pace matters. The problems we solve are urgent.  
  • Our diverse skills and backgrounds make us better. Our team prides itself on being inclusive and multidisciplinary. 
  • We are radically honest. Saying what we mean, even when it isn’t easy. 
  • We are pragmatists. We provide realistic, focused solutions that get to the point. 
  • We improve continuously. We are relentless in our drive to make things better.  
